This is a contributed piece by Giovanni Verhaeghe, Director of Market & Product Strategy at VASCO
With the White House intelligence committee hearing on Russian tampering in the US election underway, and elections on the doorsteps of a number of key European countries this year, IT security concerns in the democratic process have peaked more than ever before. Digitally assisted voting can eventually help solve many of the problems democracies are faced with, including errors, fraud and manipulation.
This year, the Dutch made the decision to count all ballots cast during the parliamentary elections manually, after experts warned that the vote counting software is faulty. The recent fears of meddling by Russian hackers that have overshadowed the American presidential elections last year are now set to return. Even if hackers fail to have a decisive influence on the result, the concern is that, potentially, confidence in the democratic process is undermined.
In all the debates on whether electronic voting is safe or not, the advantages tend to play a secondary part. However, electronic voting plays a crucial part in enabling voters to cast their ballot. In 19th century America, for example, people needed to travel large distances just to cast their vote, making it impossible for the poor – many of whom did not have access to a mode of transport – or for the sick to exercise their rights. The result is that voter turnout was nowhere near the levels we see today. It shows that making voting more convenient is about much more than just making it easier to do. Electronic voting offers the potential for voters to cast their ballots over the internet in the future, maximizing voting availability and citizens’ participation.
Electronic voting makes things better, not worse
Complaints about the US presidential elections stated that the system potentially allowed voting fraud, including voters able to vote in multiple states and deceased people voting. The standard reaction has been to demand more identification documents and to present them personally in order to establish someone’s identity.
However, stricter registration laws had the opposite effect on voter confidence, because incidents of voter fraud are sporadic and more than once politicians misused the argument to disenfranchise certain voter groups that, for example, are less likely to carry photo ID.
Shunning e-voting is a standard reaction
So far, there have been two standard reactions to reports of voting fraud or electoral hacking. The first is that it is accepted. Technology does usually not even play a preventative part there except for uncovering the events to begin with. A clip showing ballot stuffing by officials in Russia during the 2016 Duma elections notoriously went viral. Local authorities, however, did not feel any compulsion to review the process.
The second standard reaction is to ban electronic voting altogether in lieu of tried and tested manual processes. This has negative consequences as well. As mentioned earlier, the Dutch not only banned voting computers for this year’s elections, but also decided against electronic counting of the ballots. Local authorities have collectively complained that this will drive up the costs and will lead to less accurate results because of human error. This argument against going back to older methods also goes for combatting voter fraud. The more manual actions that are required to complete the process, the more opportunities there are to commit fraud.
These reactions are unnecessary. Not only does the technology to secure electronic or digital voting exist, it is also already in use at companies and even government institutions.
Encryption is key, trust even more so
In the context of democratic elections, encryption is even more relevant. As many citizens may feel uncomfortable when voting online, the first step of digitizing the process would be in the voting booth. This in turn means that the voting data needs to be kept separated from who turned out (in order to prevent matching votes to specific voters), and that both sets of data need to be encrypted; not just on the voting machine itself, but also on any medium the data is transferred to for the purpose of processing (like automatic counting). The main risk here is that hackers could somehow can get access to that data and alter it on such a scale that they influence the final result. If the data is strongly encrypted and the keys are kept safe though, the risk of manipulation drops to a very low level.
A second concern relates to establishing with certainty that the voter is who he claims to be. Indeed, in the end, voters are an identical match for the identities used in applications that need a secure and trusted way to authenticate users. They are based on two-factor authentication and data encryption. By enforcing two-factor authentication, an identity is basically not just a digital affair but also requires a physical component, in the form of a token or other device that the identity’s owner would need to have in his or her possession.
Using this model, the simple theft of credentials and personal information is not sufficient to fake an identity. This makes it much harder for hackers and fraudsters to pose digitally as someone else. In some countries, this has entered into official law as well. Belgium, for example, uses an electronic ID Card with a built-in chip. This smartcard can be used to authenticate users of, for instance, online gambling services in order to bar underage users and registered addicts from playing. A lot of countries use e-identities for government services, and governments have accepted them as a legal way for citizens to identify themselves.
In conclusion, we can state that the main issue is not whether the technology exists to adequately secure electronic voting machines and ballot counting systems. The main issue is that the democratic process depends on the trust that citizens have in it. Those citizens are, rightly, hard to please when it comes to such a fundamental right. It is up to both technology vendors and governments to make sure that trust is gained. Voting fraud and other forms of nefarious ballot manipulations do exist in the world today, and it is important to note that technology does need to make this worse. In the end, it can actually make things fairer and increase voter participation.
PREVIOUS ARTICLE«Quotes of the week: “Every American should be alarmed by the very real violation of privacy”
NEXT ARTICLEQuiz of the week: 31st March»
Adrian Schofield sheds light on tech in South Africa
Mark Chillingworth on IT leadership